Claims 1-3, 5-7, and 9-40 are pending in this application by the entry of this Amendment.

The specification has been amended. The amended specification includes no new matter. 

Claims 1-3, 5-7, and 9-17 have been amended by this Amendment. Claims 4 and 8 have been
cancelled. Claims 18 to 40 have been newly added by this Amendment. No new matter has been 
added. 

I. Specification 

The examiner stated that a substitute specification marked relative to the original 
specification translation is required. 

In accordance with this request, the marked-up version of the specification marked relative 
to the original specification written in English (pages 1 to 21 in the original specification) and the 
translation filed on 28 October 1999 of the original specification (pages 22 to 54) written in Korean 
language is provided. For the Examiner's understanding, the Amendment includes an instruction 
which identifies the location by the page number of the original specification. 

The specification has been rearranged and modified, and the repetitive portions have been deleted.
Reconsideration is respectfully requested. 

II. Claim rejections - 35 U.S.C. §112 

Claims 1 to 17 stand rejected under 35 U.S.C. §112, first paragraph, as containing subject
matter which was not described in the specification in such a way as to reasonably convey to one
skilled in the relevant art that the inventor, at the time the application was filed, had possession
of the claimed invention. The examiner asserted that the main elements of the invention and their
relationships to one another are not adequately described so as to understand the claimed invention.

Claims 1 to 17 have been amended. All the main elements and their relationships to one
another are adequately described in the amended claims. 

Claims 1, 5 and 13 stand rejected under 35 U.S.C. §112, first paragraph because of 
insufficient antecedent basis. 

The antecedent problems in claims 1, 5 and 13 have been corrected. 

Reconsideration is respectfully requested. 

III. Claim rejections - 35 U.S.C. §102 

Claims 1 to 17 stand rejected under 35 U.S.C. 102(e) as being anticipated by Dolphin (U.S. 
Patent No. 5,677,953). 

In Verdegaal Bros., the Court held that "[a] claim is anticipated only if each and every
element as set forth in the claim is found, either expressly or inherently described, in a single prior
art reference." (Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628 (Fed. Cir. 1987))

Claims 1-3, 4-7, and 9-17 as amended are not anticipated by Dolphin '953 for the following
reasons.

First, "the portable terminal supplier" and/or the "portable terminal" in which the
manufacturer key information is embedded is not disclosed in Dolphin '953. In the present invention,
the portable terminal supplier sends a first registration request signal to the certificate authority to
obtain the manufacturer key information and embeds in the portable terminal the manufacturer key
information which is used for the portable terminal's registration to the personal computer or the content
supplier. On the other hand, there is no portable terminal supplier and/or a portable terminal having
those limitations in Dolphin '953.

Second, "the content supplier" of the present claimed invention is not disclosed in Dolphin
'953. Dolphin '953 does not disclose the first secret channel between the publisher 21 and the server
25. In addition, the server 25 of Dolphin '953 does not generate "a second key information" for
authorizing a personal computer to receive and reproduce the digital contents. The examiner asserted
that "[t]he server transmits a key to the user based on the result of a billing authorization" (col. 3, lines
27 to 45). But, in Dolphin '953, the key recited by the examiner is generated by the billing
authorization, and the user sends a request for access to one or more of the publications to the
billing/access center (col. 3, lines 33 to 36).

In addition, at least the second secret channel, the third secret channel, and the additional 
limitations in claims 2, 3, and 6 to 17 are not found in Dolphin '953. 

Furthermore, in the Office action, the examiner rejected claims 1 to 17 based on the analysis
of a few elements of the claimed invention.

A decision on patentability must be supported by concrete evidence in the record. In re Lee,
277 F.3d 1338 (Fed. Cir. 2002); In re Zurko, 258 F.3d 1379, 1385-86 (Fed. Cir. 2001). The
examiner must show that each and every element as set forth in the claim is found, either expressly
or inherently described, in a single prior art reference.

Therefore, withdrawal of the rejection is respectfully requested.

Reconsideration of the rejections and objections is requested. Should any questions remain 
unresolved, the Examiner is requested to telephone Applicant's attorney. 

A fee of $492.00 is incurred by the addition of two (2) independent claims in excess of 4 and 
by the addition of eighteen (18) total claims in excess of 20. Also, a fee of $930.00 is incurred by
filing of a petition for three-month extension of time. Applicant's check drawn to the order of the 
Commissioner accompanies this Amendment. Should the check become lost or detached from the 
file, the Commissioner is authorized to charge Deposit Account No. 02-4943 and advise the 
undersigned attorney accordingly. Also, should the enclosed check be deemed to be deficient or 
excessive in payment, the Commissioner is authorized to charge or credit our deposit account and 
notify the undersigned attorney of any such transaction. 



1522 "K" Street N.W., Suite 300 
Washington, D.C. 20005 
Telephone No. (202) 408-9040 
Facsimile No. (202) 289-7100 

Folio: P55690 
Date: 7/18/03 
I.D.: REB/JHP 



Respectfully submitted, 




Robert E. Bushnell, 
Attorney for the Applicant 
Registration No.: 27,774

VERSION WITH MARKINGS TO SHOW CHANGES MADE

IN THE SPECIFICATION 

Please enter the following amendments: 

1. Please amend page 1 of the original specification, as follows.

TITLE 

COPY PROTECTION SYSTEM 
FOR PORTABLE STORAGE MEDIA 

CLAIM FOR PRIORITY 

This application makes reference to, incorporates the same herein, and claims all rights
accruing thereto under 35 U.S.C. §119 through our patent applications entitled The Digital Content
Encryption Apparatus And Method Thereof earlier filed on the 24th day of September 1998 in the
Korean Industrial Property Office and there duly assigned Serial Nos. 1998/39808 and 1998/39809.

FIELD OF THE INVENTION 

The present invention is generally related to encryption processes and apparatus, and, more 
particularly, to secure and robust processes and apparatus for the generation and use of keys in the 
transmission and replay of digital information for licensed Secure Digital Music Initiative (SDMI)
compliant modules such as personal computers and SDMI compliant portable devices in conjunction
with Internet service content provider and a certificate authority.

BACKGROUND ART

Recently, with the flood of information provided by various media such as broadcasting and
press, an atmosphere has been created by the information providers who are interested in providing
integrated information that covers all of the media. Other users want to selectively receive a specific

2. Please amend page 2 of the original specification, as follows.

item of digital information from the entire spectrum of information available from a particular
information provider (IP). Accordingly, a digital content transmission system has been formed by
the information providers who convert various types of information into a digital form and store this
digital information, and the users who subscribe to this digital information system from the
information provider via the network. Digital information transmission systems endow an
application program with easy downloadability of the digital content. The user can get all the
information desired by using this application program to access the digital information system
through the network.

The digital information may be provided to the user either for pay or for free. In case of paid
digital information, the server who [provide] provides the digital information via the transmission
system sets the service fee. The service server charges the user according to the quantity of
information used when the digital information is downloaded to the user. MPEG software protocol
for example, compresses audio files to a fraction of their original size, but has little perceptible
[affect] effect upon the quality of the audio sound. MPEG software protocol is now widely used by
Internet sites offering digitalized music, and is reported to be commonly used to offer digitalized 
versions of recorded music without the consent of the musicians. When a user is connected to a 
server that provides digital information commercially via a network, a few of the users may be able 
to inadvertently or illegally copy the digital information, a practice that, as was recently noted by 
Interdeposit and the French Agency for the Protection of Programs, a member of the European 
Association of Authors and Information Technology Professional, in the Patent, Trademark & 
Copyright Journal, volume 57, No. 1416, page 385 (11 March 1999), would be economically 
damaging to both the musicians 

3. Please amend page 3 of the original specification, as follows. 

and to the server who is running the digital information transmission system. Currently, the server, 
as well as the musicians, can do little more than seek redress by undertaking civil and criminal action 
in an effort to control the possibility of unlicensed reception of digital information. We have noticed 
that there is a need for a technique to preserve transmission security of revenue bearing information 
while restricting access to the information by unauthorized entities and preventing unauthorized
users from using any of the information that they may be able to illicitly obtain from the information
provider by restricting the ability of the unauthorized users to decrypt whatever information they
manage to obtain via the system.

Also, it is difficult to prevent the illegal copy of the supplied digital contents or the CODEC 
recorded on the portable medium if the portable medium is copied after the digital content has been 
supplied to a user and recorded on the portable medium.



In particular, the MP3 which is the audio data of the above digital contents is downloaded 
to the first content output unit as well as the second content output unit such as an MP3 player and 
then reproduced. In the meantime, the MP3 is downloaded to a content storage unit such as a 
smartmedia card built in the first content output unit, and the MP3 downloaded in the content storage 
unit is reproduced through the second content output unit. 

However, as stated above, there is a drawback in that the digital data downloaded to the first 
and second content output units and the content storage unit are easily copied to be illegally 
distributed.

SUMMARY OF THE INVENTION

It is therefore, one object of the present invention to provide improvements in cryptographic
processes and apparatus.

It is another object to provide a secure and robust digital encryption process and apparatus.

It is yet another object to provide digital encryption processes and apparatus endowing a
system with secure and robust copy protection for [LCM's (i.e.,] a licensed [SDMI (i.e.,] secure
digital music initiative[)] compliant [modules] module such as personal computers[)] and [PD's (i.e.,
SDMI compliant] portable devices such as disk and DVD players[)] in conjunction with [ISP (i.e.,]
Internet service provider[)] and [CA (i.e.,] a certificate authority[)].

It is still another object to provide digital encryption processes and apparatus able to encrypt 
and transmit digital information received from a transmission system, by the use of multiple 
cryptographic keys. 

4. Please amend page 4 of the original specification, as follows. 

It is still yet another object to provide digital encryption processes and apparatus for 
generating and using multiple cryptographic keys during the transmission of digital information to 
a user. 

It is a further object to provide digital encryption processes and apparatus that employ user 
information in the generation and use of multiple cryptographic keys during the transmission of 
digital information to the user. 

It is a yet further object to provide digital encryption processes and apparatus able to encrypt 
and transmit digital information obtained from a transmission system by using multiple 
cryptographic keys, and to decrypt and play the digital information at the terminal of the user by 
using a plurality of keys, one of which is common to the multiple keys. 

It is a still further object to provide digital encryption processes and apparatus able to encrypt
and transmit digital information obtained from a transmission system by using key information, a
user's key, and a temporary validation key, and to decrypt and play the digital information at the 
terminal of the user by using the key information and user authorization information. 

It is still yet a further object to provide encryption, transmission and reception protocols 
enabling encryption, transmission and decryption of digital information received from a transmission 
system. 

It is an additional object to provide encryption, transmission and reception protocols enabling 
encryption and transmission of digital information received from a transmission system by using 
multiple keys to encrypt the digital information, and decryption and replay of the digital information 
at the terminal of the user by using a plurality of keys, one of which is common to the multiple keys. 

5. Please amend page 5 of the original specification, as follows. 

It is [a] still yet a further object to provide encryption, transmission and reception protocols 
enabling encryption and transmission of digital information received from a transmission system, 
by using key information, a user's key, and a temporary validation key, and decryption and replay 
of the digital information at the terminal of the user by using the key information and user 
authorization information. 

It is also an object to provide a more secure cryptograph and process for transmitting 
information to a terminal of a user who has requested the information.

It is also a further object to provide a cryptograph and process that reliably restricts the ability
of a registered subscriber who has validly obtained information from an information provider, to 
deliver that information to another entity in a readily usable form. 

These and other objects may be attained with an encryption process and apparatus that 
provides a secure and robust copy protection system for a licensed secure digital music initiative 
compliant [modules] module such as personal computers and portable devices, in conjunction with 
Internet service providers and certificate authorities, by responding to a user's request for
transmission of items of digital information to the user's terminal unit, by providing copy protection
during downloading and during uploading of the digital contents. In order to prevent the digital 
contents from being copied illegally, a plurality of keys [are] is generated and held by both the user 
and the digital content provider, and a secret channel is formed between both the user and the digital 
content provider. The header of the encrypted digital content is encrypted by using a physical 
address of a sector of a licensed SDMI compliant module such as a portable computer or a portable 
media device in order to prevent the digital content from being copied illegally after the digital 
content is recorded 

6. Please amend page 6 of the original specification, as follows. 

in the portable media.

The present invention includes a certificate authority, an information provider, a first content
output unit, a second content output unit, and a manufacturer of the second output units. 

The certificate authority generates, encrypts, and outputs a first authentication qualification 
key and a first authentication qualification key data, and generates a manufacturing key and 
manufacturing key information in response to a registration request signal from the manufacturer. 
The certificate authority forms a first table and a second table. The first table has a manufacturer key, 
a manufacturer key data, and information of the manufacturer key, and the second table has a token,
a token information encrypted by the manufacturer key, and the identification of a portable device or
terminal.

The manufacturer of the second output units such as portable devices sends a registration
request signal to the certificate authority and receives the manufacturing key and manufacturing key 
data. 

The internet service provider transmits the registration request signal to the certificate 
authority, stores the first authentication qualification key and the first authentication qualification 
key data inputted from the certificate authority in order to be authorized to supply the encrypted 
digital contents, and generates a second authentication qualification key and a second authentication 
qualification key data. The internet service provider outputs the second registration request signal 
to the certificate authority. 

The first content output unit such as a personal computer outputs the registration request 
signal to the internet service provider in order to receive the digital contents, stores the second
authentication qualification key and the second authentication qualification key data, outputs the
manufacturer key data to the internet service provider, encodes and outputs the manufacturer key 
detected from the second table in response to the manufacturer key data, and receives a public key, 
public key information and digital contents. 

The second content output unit such as a portable device outputs the first registration request 
signal to the certificate authority and stores the manufacturer key and the manufacturer key data 
inputted from the certificate authority. 

In addition or alternatively, the present invention may use a physical address of a bad sector
formed in the portable recordable medium during the manufacturing process, encrypt a header of
the encrypted digital contents stored in the portable recordable medium, and record the encrypted
header on the physical address of the bad sector of the portable recordable medium for preventing
an illegal copy of the downloaded digital contents through a terminal after the digital contents have
been downloaded.

BRIEF DESCRIPTION OF THE DRAWINGS 

A more complete appreciation of this invention, and many of the attendant advantages 
thereof, will be readily apparent as the same becomes better understood by reference to the following 
detailed description when considered in conjunction with the accompanying drawings in which like 
reference symbols indicate the same or similar components, wherein: 

Fig. 1 is a block diagram illustrating the overall architecture of an implementation of the 
principles of the present invention;

Fig. 2 is a block diagram illustrating a registration by an original equipment manufacturer of
a portable device with a certificate authority;

Fig. 3 is a block diagram showing the registration of [a] Internet service provider's 
registration with a certificate authority; 

Fig. 4 is a block diagram showing the registration of a personal computer and a portable 
device with an Internet service provider; 

Fig. 5 is a block diagram showing usage rules governing a database of a right management
system;

Fig. 6 is an exemplified format; 

Fig. 7 is a block diagram showing the basic architecture for various inputs; 

Fig. 8 is a block diagram showing control of outsource import; and 

Fig. 9 is a block diagram showing a copy protection system for portable media. 

7. Please delete page 7 of the original specification except the title of the section 
"DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS". 

8. Please delete the entirety on page 8 of the original specification. 

9. Please delete Figure 5-1 on page 9 and amend page 9 of the original specification,
as follows.

[3. SOME TERMINOLOGIES]

For the removal of some ambiguities, in this section, we define some terminologies and list 
up some abbreviated words for a simple description [(most of them are those commonly used in 
PDWG)]. 

First, we have to distinguish the two words, "Portability" and "Transferability" of a content.
[•] Portability [-] means that a content in a portable media (PM) can be played in any
portable device (PD).

[•] Transferability means that [portability +] "portability" plus "upload of a content is
allowed from a [PM] portable medium to even [a] an LCM", in this case the content's uploadability
is to be controlled by [check-in/out system] check-in/out system and its [transferability status]
transferability status.

The digital contents which are used in the present invention mean all data including audio, 
video data, as well as character data such as song words, movie caption, and the like to be provided 
through internet. 

Hereinafter we use the following abbreviated words.

[•] CA [-] stands for Certificate Authority (e.g., secure digital music initiative (SDMI),
or other trust third party).

[•] LCM [-] stands for Licensed SDMI Compliant Module.
[•] PD [-] stands for SDMI Compliant Portable Device.
[•] PDFM [-] stands for Portable Device Functional Module.
[•] ISP [-] stands for Internet Service Provider (including Content Provider via the
Internet).

[•] PM [-] stands for Portable Media (SDMI Compliant Storage Media).

Furthermore, here are presented some notations to be used in the following sections. Even
though they are somewhat intricate, we are sure that they would help the readers clearly understand the
concrete method we intend. They are relevant to the algorithmic functional modules.

[•] ECC - Elliptic Curve Cryptosystem

[•] PryKey_A, PubKey_A - Private Key and Public Key of A (this may be LCM, PD
(optional), ISP, CA, ... ), respectively.

[•] Cert_CA(PubKey_A) - A Certificate for a Public Key PubKey_A issued by CA.
[•] MK_PD - The Manufacturer Key within a PD
[•] ID_MK - The Indicator of a Manufacturer Key.

[•] CK_PD.LCM - This is a secure (secret) channel key which is setup between PD and LCM.

[•] EC_ENC(key, C) - Elliptic Curve based Encryption of a content C by utilizing a
[public key] public key, key. [Where the encryption is the ElGamal-like public key encryption
process. And Samsung can support its own ECC implementation technique that is very effective for
both S/W and H/W implementation.]

[•] EC_DEC(key, C) - Elliptic Curve based Decryption of a ciphertext (encrypted text)
C by utilizing a [private key] private key, key.

[•] EC_DH(A,B) - A random secret value (key) shared between A and B by Elliptic Curve
based Diffie-Hellman Key Exchanging Protocol.

[•] ENC(key, C) - Symmetric Key Encryption of a content C by utilizing a [secrete key]
secret key, key;[. Samsung can support its own Symmetric Key Encryption algorithm, named
"SNAKE " that is very effective for both S/W and H/W implementation and it has been world-wide
cryptonalized.]

[•] DEC(key, C) - Symmetric key decryption of a ciphertext C by utilizing a [secrete key]
secret key, key;


AIF - Algorithm Identifying Field
API - Applied Program Interface
CCS - Copy Control Status
CDF - Content Description Field
CEK - Content Encryption Key
Cert_CA(PubKey_A) - Certificate (Data) for PubKey_A issued by CA
CHI - Copyright Holder Information Field
CTC - Copyright, Transfer, Check-in/Check-out
ECC - Elliptic Curve based Cryptosystem
ECDH(ISP, LCM) - random secret value (key) shared between ISP and LCM by Elliptic
Curve (Cryptosystem) based Diffie-Hellman Key Exchanging Protocol
EC-ENC - Elliptic Curve-based Encryption of a content by utilizing a public key
ENC - Symmetric Key Encryption of a content by utilizing a secret key
ICL - Import Control Layer
ID_A - Identifier of A
IP - Information Provider
ISP - Internet Service Provider including Content Provider via the network
LCM - Licensed SDMI Compliant Module
MKIT - Manufacturer Key Information Table
MK_PD - Manufacturer Key within a portable device
PCS - Playback Control Status
PD - SDMI Compliant Portable Device
PDFM - Portable Device Functional Module
PKC - Public Key Cryptosystem
PM - Portable Media (SDMI Compliant Storage Media)
PryKey_A, PubKey_A - Private Key and Public Key of A (A may be LCM, PD, ISP, CA, and
the like)
RMF - Right Management Field
RMS-DB - Right Management System-Data Base
RNG - Random Number Generation Unit
SDMI - Secure Digital Music Initiative
SH - Secret Header
SNAKE - Symmetric Key Encryption Algorithm, which is very effective for both software
and hardware implementation and has been world-wide cryptanalyzed
SOI - Source Originator Indicator Field
UTD - Update Token Data.

[Note:] In the above items the Elliptic Curve based Public Key Cryptosystem is just an
example as a candidate of Public Key Cryptosystem, and so any public key cryptosystem, for
example RSA, can be used instead of it. But we suggest that SDMI Compliant EMD System
(Electronic Music Distributing System) adopt the ECC System for the next generation [Pds] portable
devices, since ECC can be efficiently implemented in such small devices with low cost.

Also, an internet service provider includes a content provider as well as an information
provider via network. A personal computer or an LCM is an example of a candidate for the first content
output unit. A portable device such as an MP3 player is an example of a second content output unit. A portable
medium is a general recording medium including smart media.

FIG. 1 is a schematic view for explaining a system for preventing an illegal copy of digital 
contents according to an embodiment of the present invention. 

A certificate authority 110 generates a first table having the manufacturer key and the
manufacturer key data, and a second table having an identifier (ID) of the portable device 150, a
token, T, and the information (ENC(MK_PD, T)) of the token encrypted by the manufacturing key.
That is, the certificate authority 110 generates the manufacturer key, MK_PD, and its certificate data,
Cert(MK_PD), in accordance with a first registration request signal 121 inputted from a manufacturer
120 of portable devices 150, and outputs a manufacturer key and a manufacturer key data to the
manufacturer 120.

The manufacturer 120 of the portable devices 150 outputs the registration request signal 121
to the certificate authority 110 and receives the manufacturer key and the manufacturer key data
generated by certificate authority 110 in accordance with the first registration request signal 121.

An internet service provider (ISP) 130 including a content provider via the internet outputs
a request signal 131 to the certificate authority 110, receives a pair of keys and the certificate of the
key which are generated in the certificate authority 110 in response to the registration request signal
131 of the ISP, and the second table from the certificate authority 110.

A licensed SDMI (secure digital music initiative) compliant module (LCM) 140 as a first 
content output unit outputs a registration request signal 141 to the internet service provider 130 in 
order to receive the digital contents, receives the public key and the data of the public key generated 
in response to the request signal 141, bypasses the data of the manufacturing key of the portable
device 150 to the ISP 130, and encodes and outputs the manufacturer key detected from the second
table in response to the manufacturer key data. 

The portable device 150 as a second content output unit stores the manufacturer key and the
manufacturer key data transferred from the certificate authority 110, outputs its manufacturer key
to the internet service provider 130 through the LCM 140, and receives the manufacturer key data
of the second table, which is encrypted, supplied from the LCM in order to judge if the stored 
manufacturer key is authenticated. 

The first table, as shown in FIG. 2, contains the manufacturer key data (Cert(MK_PD)), the
manufacturer key (MK_PD), and an identifier (ID_MK) corresponding to the manufacturer key data and
the manufacturer key, and is stored in only the certificate authority 110. Further, the second table is
generated from the certificate authority 110 and outputted to the internet service provider 130, and
contains the identifier (ID_MK), data (ENC(MK_PD, T)), and a token (T) which is encoded by the
manufacturing key.

At this time, the certificate authority 110 forms a first channel key (k) which can be shared
with the internet service provider 130 in accordance with the registration request signal 131 inputted
from the internet service provider 130, and outputs the first authentication qualification key and the
first authentication qualification key data 111 which are encoded into the internet service provider
130 through a secret channel formed by the first channel key (k).

The first channel key is a key generated from encryption of the certificate authority 110 by
using the data which the internet service provider 130 has.
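
The two-table arrangement described above for FIG. 1 can be modelled as follows. This is an example added here, not part of the filing or the applicant's implementation: it shows how an ISP holding only the second table (ID_MK, ENC(MK_PD, T), T) can check a device's manufacturer key without ever holding MK_PD. Assumptions: an HMAC-SHA256 construction stands in for the symmetric ENC/DEC (SNAKE in the filing), the device answers with a challenge-bound proof of T, the certificate data Cert(MK_PD) is omitted, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets


def _keystream(key, nonce, n):
    """HMAC-SHA256 in counter mode; stand-in keystream (assumption, not SNAKE)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"ks" + nonce + ctr.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def enc(key, plaintext):
    """ENC(key, C): stand-in symmetric encryption with an integrity tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def dec(key, blob):
    """DEC(key, C): returns the plaintext, or None when the key does not match."""
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


class CertificateAuthority:
    def __init__(self):
        self.first_table = {}   # ID_MK -> MK_PD; stored only in the CA
        self.second_table = {}  # ID_MK -> (ENC(MK_PD, T), T); handed to the ISP

    def register_manufacturer(self, id_mk):
        mk_pd = secrets.token_bytes(32)
        token = secrets.token_bytes(16)
        self.first_table[id_mk] = mk_pd
        self.second_table[id_mk] = (enc(mk_pd, token), token)
        return mk_pd  # the manufacturer embeds this in its devices

    def export_second_table(self):
        return dict(self.second_table)


class PortableDevice:
    def __init__(self, id_mk, mk_pd):
        self.id_mk = id_mk
        self._mk_pd = mk_pd  # kept in the device's protected area

    def respond(self, enc_token, challenge):
        token = dec(self._mk_pd, enc_token)
        if token is None:
            return None  # stored key does not match the CA's record
        # Assumed proof step: bind T to a fresh challenge so a captured
        # answer cannot be replayed in a later registration.
        return hmac.new(token, challenge, hashlib.sha256).digest()


class ServiceProvider:
    def __init__(self, second_table):
        self.second_table = second_table

    def begin(self, id_mk):
        entry = self.second_table.get(id_mk)
        if entry is None:
            return None
        return entry[0], secrets.token_bytes(16)

    def verify(self, id_mk, challenge, proof):
        entry = self.second_table.get(id_mk)
        if entry is None or proof is None:
            return False
        expected = hmac.new(entry[1], challenge, hashlib.sha256).digest()
        return hmac.compare_digest(proof, expected)


def register(isp, pd):
    """One registration run; the LCM's relay role is folded into this call."""
    start = isp.begin(pd.id_mk)
    if start is None:
        return False
    enc_token, challenge = start
    return isp.verify(pd.id_mk, challenge, pd.respond(enc_token, challenge))
```
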

[4. BASIC REQUIREMENTS FOR THE SECURE SETUP OF LCM AND PD] 

Here, we present the minimum substances (algorithms) that are needed for the insurance of
the security of LCM and PD. It is assumed that the content compressing and decompressing
CODECs are built in each device in either S/W-form or H/W-form.

[4.1.] For the LCM, Public Key Cryptosystem (PKC), Symmetric Key Encryption
Algorithm, and Secure Check-in/Check-out System are explained hereinbelow.

[•] Public Key Cryptosystem (PKC) [-] such as ECC, RSA, ... (ECC is more preferable),
[-> This] is to be used for the secure key setup of LCM, the validity check of ISP's Public Key
Certificate, and the secure channel construction between ISP and LCM. [•] Symmetric Key
Encryption Algorithm [-] such as SNAKE,[...] [-> This] is to be used for the content encryption, the
authentication to a PD, and the secure channel construction between LCM and PD. [•] Secure
Check-in/Check-out System [- It] is to be presented in FIGS. 5 and 6 for explaining [in section 6, 7]
how to construct this system and how to securely maintain it.

[4.2] For the PD, Public Key Cryptosystem (PKC), Symmetric Key Encryption Algorithm,
and Manufacturer Key, MK_PD are explained hereinbelow.

[•] Public Key Cryptosystem (PKC) [-] is optional to PD 150.

[•] Symmetric Key Encryption Algorithm [-] such as SNAKE, [...] [-> This] is to be used
for the content encryption, the authentication to [a] the LCM, and the secure channel construction
between PD and LCM.

[•] Manufacturer Key, MK_PD, [-] is the pre-set manufacturer key in a tamper resistant area
within the PD.

11. Please delete Figure 5.1-1 on page 11 and amend page 11 of the original 
specification, as follows. 

[-►] This is to be used for the secure registration of a PD to LCM. 
[4.3] For the PM, [There] there needs an apparatus or a pre-set special information within 
a PM to protect contents in it from the dead-copy to another PM. It is desirable, we think, to use the 
unique ID based approach, that is the method that the manufacturers of PM imbed a unique ID of 
each PM in the write-protected area of it while they manufacture it. This can be considered as a low 
cost method to dead-copy protection for the [1st] first generation PM. 

[5. INITIALIZATION (KEY SETUP) MECHANISM] 

[There] Regarding the initiation mechanism of the present invention, there are [4] four 
registration mechanisms relative to ISPs, LCMs, and PDs. The four registration mechanisms include 
the registrations of the portable device manufacturers to the certificate authority, of ISP to the 
certificate authority, of LCM to ISP and of the portable device to LCM, and of multiple LCMs or 
multiple PDs. The manufacturers' registration to CA [is preceded] precedes ahead all the others. 

[5.1 Registration of PD manufacturers to CA] 

The registration of the portable device manufacturer 120 to the certificate authority 110 is 
illustrated in FIG. 2. 

[Prior to manufacturing PD, the manufacturers should register to CA to get their 
manufacturer key, MK_PD, and its certificate, Cert_CA(ID_MK), and then produce the SDMI Compliant 
Portable Devices by using them. Where such registered manufacturer keys are securely stored in 
CA's DB and only CA maintains the information. The manufacturer should keep their manufacturer 
key and its certificate in safe, maintain it securely, and imbed them in a tamper resistant area of PDs 
while he manufactures PDs. In the Fig. 5.1-1 an illustrated example is depicted.] 

[In this figure, when a] When the manufacturer 120 requests [request] its registration to CA 
110, CA 110 certifies it and then generates a manufacturer key, MK_PD and makes its certificate data, 
Cert_CA([ID_MK]MK_PD), to deliver them to the manufacturer 120. At the same time CA 110 generates 
a random token, T, to make (or update) the Manufacturer Key Information Table (MKIT) for [the 
other] an ISP-registration. Once after [a] the manufacturer 120 gets [got] the data, {MK_PD, 
Cert_CA([ID_MK]MK_PD)}, [he/she] the manufacturer 120 can [manufactures Pds] manufacture the 
portable devices by imbedding those [secrete] secret data within a tamper resistant area of [PDs] the 
portable devices. 

Therefore, the portable devices 150 manufactured by the manufacturer 120 are authorized 
by the certificate authority 110 to store the downloaded, encrypted digital contents. 

[5.2 Registration of ISP to CA] 

[The following Fig.5.2-1] Fig. 3 shows how for [an] the ISP 130 to register to CA 110 and 
what information to get from CA 110. For an ISP to register to CA, firstly it generates its ephemeral 
private-public key pair {PrvKey_eph, PubKey_eph} to open a secure channel between CA and itself by 
EC_DH(CA, ISP) and provide a safe way to communicate each other without allowing an illegal 
copy of the downloaded information through the channel. A pair of keys and key data {PrvKey_ISP, 
PubKey_ISP, Cert_CA(PubKey_ISP)} are generated and stored in the certificate authority 110, and two 
tables are formed in dependence with the manufacturer key. The certificate authority 110 encrypts and 
transmits the encrypted key and key data to internet service provider 130 through the channel in 
order to co-own the key and key data. Secondly the ISP 130 gets its semi-permanent private-public 
key pair {PrvKey_ISP, Cert_CA(PubKey_ISP)} and [MKIT] the manufacturer key information table data 
[appeared in Fig. 5.1-1] through the secure channel. Where CA's certification to the ISP should 
precede all these procedures. [Note:] ISP's [Key Pair] key pair should be securely stored. 

12. Please delete Figures 5.2-1 and 5.3-1 on page 12 and amend page 12 of the original 
specification, as follows. 

[Note:] The LCM's [Key Pair] key pair should be securely stored, where the host's various system 
parameters may be used for this goal. 

[5.3 Registration of LCM to ISP and of PD to LCM] 

Here the LCM registration mechanism to an ISP together with PD registration is described. 
As in [the fig.5.3-1] Fig. 4, LCM gets the ISP's Public Key Information {PubKey_ISP, 
Cert_CA(PubKey_ISP)} at first and verifies its validity by using the CA's [Public Key] public key 
Information which was already announced or preset within the LCM in a code-imbedded-like 
method. 

13. Please amend page 13 of the original specification, as follows. 

If the validity of the certificate for the ISP's [Public Key] public key is certified, the LCM 140 
executes the handshaking protocol to get an ephemeral shared key by utilizing Elliptic Curve based 
(or other PKC based) Key Exchanging Protocol. Through this secure channel, the ISP can deliver 
in safe the LCM's permanent private-public key pair for a static secure communication and a secure 
content transaction between the LCM and the ISP. [For a PD to register to the LCM, it has to toss] 
When a request signal 151 is transmitted from the portable device 150 to the LCM 140, the portable 
device 150 tosses the certificate data for its ID of the manufacturer key [and the LCM gets this data 
from the PD to send this to its connected ISP in the encrypted form, EC_ENC(PubKey_ISP, 
Cert_CA(ID_MK))] to the LCM 140. The LCM 140 sends them to its connected ISP 130 in the encrypted 
form, EC_ENC(PubKey_ISP, Cert_CA(ID_MK)). 

[Using this, the ISP can verifies the manufacturer key] The internet service provider 130 decrypts 
the encrypted information and [can extract its relevant data, T*||T by looking up MKIP in ISP's DB 
to transfer it to the LCM in secure manner, i.e. by EC_ENC(PubKey_LCM, T*||T). For the LCM and 
the PD] compares the decrypted information with the information of the second table. If the 
decrypted information is identical to the information of the second table, the internet service provider 
130 encrypts the content of the table and transmits it to the LCM 140 in a secure manner. The LCM 
140 decrypts the encrypted information to obtain the information of the token. For the LCM 140 and 
the portable device 150 to [setup] set up a shared [secrete] secret key and to complete the [PD] 
portable device registration, the LCM 140 randomly generates their static and secret channel key, 
CK_PD-LCM, and encrypts and sends ENC(T, CK_PD-LCM)||T*. Upon receiving [this] these data, the [PD] 
portable device 140 can extract the token value T from T* by using the manufacturer key and, by 
using this token, the [PD] portable device 140 can also compute CK_PD-LCM and store it. As the [PD] 
portable device 140 securely stores this channel key, the [PD-registration] portable device 
registration is finished. 

[Note 1 :] The [Channel Key] channel key, CK_PD-LCM, may be originated from [PD] portable device 
150 instead of LCM 140. In this case the [PD] portable device 150 receives the data T* from the 
LCM and gets the token T by decrypting T* with its manufacturer key. And then the [PD] portable 
device generates a random channel key CK_PD-LCM to upload ENC(T, CK_PD-LCM) to LCM. 

[Note 2 :] The part of the record in the manufacturer key information table (MKIT) [(in] of the 
LCM[)] 140 stays in encrypted form by using the LCM's [secrete] secret key (this key may be LCM's 
[Public Key] public key). 

[Note 3 :] In practice, during the [PD] portable device 150 registration to LCM 140, [the RMS-DB 
updating], an update token data (UTD [appeared in section 6.1]) of Right Management System-Data 
Base (RMS-DB) should be transferred from the [PD] portable device 150 to the LCM 140 (or from 
the LCM 140 to [PD] the portable device 150) together with CK_PD-LCM and be set both in the 
RMS-DB and in the [PD] portable device. Therefore, all the units and terminals in this system are 
authorized to transmit and receive the encrypted digital contents between the units and terminals. 
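
The token flow of the portable device registration described above, as an added example that is not code from the specification. Assumptions: the class and function names are hypothetical, the public-key legs (EC_ENC between LCM and ISP, certificate checks) are modelled as direct calls, and a SHA-256/HMAC construction stands in for the symmetric cipher, which the page names only as "such as SNAKE".

```python
import hashlib
import hmac
import secrets

# Stand-in symmetric cipher (assumption): SHA-256 counter keystream plus an
# HMAC tag, so that decrypting with the wrong key fails instead of returning
# garbage. It only keeps the example runnable offline.
def _subkey(key: bytes, label: bytes) -> bytes:
    return hashlib.sha256(label + key).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (length + 31) // 32
    return b"".join(
        hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        for i in range(blocks)
    )[:length]

def enc(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def dec(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("decryption failed: wrong key or altered data")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

class CertificateAuthority:
    """Issues MK_PD and keeps the MKIT record {ID_MK: (T*, T)}."""
    def __init__(self):
        self.mkit = {}

    def register_manufacturer(self, id_mk: str) -> bytes:
        mk_pd = secrets.token_bytes(32)
        token = secrets.token_bytes(32)                 # random token T
        self.mkit[id_mk] = (enc(mk_pd, token), token)   # T* = ENC(MK_PD, T)
        return mk_pd   # the manufacturer embeds this in each PD

class ISP:
    def __init__(self, mkit: dict):
        self.mkit = dict(mkit)   # MKIT data received from the CA

    def lookup(self, id_mk: str):
        return self.mkit[id_mk]  # KeyError for an unregistered ID_MK

class LCM:
    def __init__(self, isp: ISP):
        self.isp = isp
        self.channel_keys = {}   # hypothetical PD label -> CK_PD-LCM

    def register_pd(self, pd_label: str, id_mk: str):
        t_star, token = self.isp.lookup(id_mk)
        ck = secrets.token_bytes(32)          # random static channel key
        self.channel_keys[pd_label] = ck
        return enc(token, ck), t_star         # ENC(T, CK_PD-LCM) || T*

class PortableDevice:
    def __init__(self, id_mk: str, mk_pd: bytes):
        self.id_mk = id_mk
        self.mk_pd = mk_pd
        self.channel_key = None

    def finish_registration(self, enc_ck: bytes, t_star: bytes) -> None:
        token = dec(self.mk_pd, t_star)          # only MK_PD opens T*
        self.channel_key = dec(token, enc_ck)    # T then opens the channel key

def demo():
    ca = CertificateAuthority()
    mk_pd = ca.register_manufacturer("ID_MK-demo")   # constructed identifier
    lcm = LCM(ISP(ca.mkit))

    genuine = PortableDevice("ID_MK-demo", mk_pd)
    genuine.finish_registration(*lcm.register_pd("pd-1", genuine.id_mk))
    genuine_ok = genuine.channel_key == lcm.channel_keys["pd-1"]

    # A device that presents the same ID_MK but does not hold MK_PD receives
    # the same kind of message and still cannot recover T or the channel key.
    clone = PortableDevice("ID_MK-demo", secrets.token_bytes(32))
    try:
        clone.finish_registration(*lcm.register_pd("pd-2", clone.id_mk))
        clone_rejected = False
    except ValueError:
        clone_rejected = True
    return genuine_ok, clone_rejected

if __name__ == "__main__":
    print(demo())
```

The LCM never handles MK_PD: it learns T from the ISP, and the device proves possession of MK_PD only implicitly, by being able to use the channel key afterwards.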

[5.4 Registration of Multiple LCMs or Multiple PDs] 
[Our] As shown in FIG. 1, the architecture and the file format of the present invention can 
allow users to register their own limited number of LCMs or PDs. The number may be limited by 
ISP or by CA. 

[• Registration of Multiple LCMs -►] To register a plurality of LCMs, since ISP maintains 
the private-public key pair of the firstly registered LCM of [an] a user's multiple LCM's, ISP can 
securely deliver the same key pair to the another LCM of the user's. 

[• Registration of Multiple PDs ->] To register a plurality of portable devices, since LCM 
securely maintains the secret channel key between the LCM and PD, the LCM can securely deliver 
the same key pair to the another [PD] portable device of the user's in the same manner depicted in 
Fig. [5.3-1] 4. 

Fig. 5 shows exemplified implementation for the management rule of RMS-DB when a 
content downloading occurs. 

[6. COMPONENTS WITHIN LCM AND PD] 
[6.1 Functional Components in LCM] 

[• Right Management System] 

[-►] To manage the information CTC= {Copyright, Transfer, Check-in/Check-out}, the LCM 
[has to maintain] 140 maintains the Right Management System [DB] Database 143, named 
RMS-DB in a secure manner. [Here we propose our secure Right Management System. In this system we 
focus] The Right Management System is described, focusing on the content transaction between 
LCM 140 and PD 150. 

The RMS-DB [consists of the title (or Title-ID)] contains an update token data area 143a, a 
title, CTC (copyright, transfer, check-in/check-out) field 143b, [Playback Control Status] a playback 
control status data area 143c (PCS : the permitted times to play, the amnesty period, ...) [and Update 
Token Data (UTD)]. [This DB stays in LCM in the encrypted form by utilizing LCM's secret key. 
An important characteristic of the Update Token Data (UTD) is that it is generated from PD 
whenever any content downloading or uploading session between PD and LCM occurs and that it 
is also stored in the PD.] 

[Whenever a content is played back at first in LCM, the above right management information 
of the content's file format is newly registered to the RMS-DB. Once a content is registered to the 
RMS-DB, every playback procedure should priory reference to the DB to check the content's 
validation. The following Fig. 6.1-1 shows exemplified implementation for the management rule of 
RMS-DB when a content downloading occurs.] 

14. Please delete Figure 6.1-1 on page 14 and amend page 14 of the original 
specification, as follows. 

[Note1 :] The part of the record in RMS-DB (in LCM) stays in encrypted form by using the 
LCM's [secrete] secret key [(this key may be] such as CK_PD-LCM[)]. 

[Note 1 :] The UTD part 143a may have a few number of Updating Token Data depending on 
the number of a user's own PDs. 

[Note : The RMS-DB may maintain a finite number of UTDs depending on the limited 
number of user's own PDs which were already registered to the LCM.] 

The most important area in the database is the update token area 143a, and the update token 
area 143a has different values when the update token area 143a downloads a digital content from the 
LCM 140 to the portable device 150, or uploads the digital content from the portable device 150 to 
the LCM 140. At this time, the update token is transmitted to the LCM 140 through the portable 
device 150 to update the stored token in the LCM 140. 

[•] [PD Import Control] 

A portable device import control is a layer existing in the [This layer exists in] LCM 140 to 
import SDMI Compliant contents from ISPs or to import non-SDMI Compliant outsource contents 
([,] e.g. RedBook [CDS] CD, DVD, ...). [And so] Therefore, this layer should contain such 
capabilities as the followings[.]: 

[•] Trans-Coding [->] to make PD decompress the input with its CODEC[.], 

[•] Trans-Encrypting [->] to make PD decrypt the input with its Encryption System, and [.] 

[•] Converting the input to the SDMI Compliant format. 

[• PD Interface] 
[This] PD Interface has the following capabilities[.]: 
[•] Authenticating to PD, and 

opening [• Opening] a secure channel between LCM and PD. 

[• ISP Interface] 

[This] ISP Interface has the following capabilities[.]: 
[•] Authenticating to PD, and 

[• Opening] opening a secure channel between LCM and PD. 

[6.2.] Functional Components in PDFM has LCM Interface and Import Control within PDFM. 
[• LCM Interface] 

[This] LCM Interface has the following capabilities[.]: 

[•] Authenticating to LCM, and 

[• Opening] opening a secure channel between PD and LCM. 
[• Import Control within PDFM] 



15. Please delete a chart on page 15 and amend page 15 of the original specification, 
as follows. 
[This] The import control within the portable device has the capability to import an outsource 
analog input and to make it fit to the SDMI Compliant file format. Where the converted SDMI 
Compliant content should have the binding information to the PD to be played only via the PD. 

[7. SDMI COMPLIANT FILE FORMAT] 
FIG. 6 shows an exemplified file format. 

[The SDMI-Compliant file format should contain the following information and should allow 
extendibility and flexibility:] 

As shown in FIG. 6, the SDMI compliant file contains a plain header 610, a secret header 
620, and a file body 630. The plain header 610 comprises a title-ID 611, a content description field 
(CDF) 612 (e.g., Title, Composer, Artist, Record-label), and an algorithm identifying field (AIF) 
613. The secret header 620 contains a device-identifier 621 (i.e., LCM ID, PD ID, or PM ID), a 
source originator indicator field (SOI) 622 (i.e., ISP, LCM (CD-ripping, Audio input), PD (Analog 
input), or Kiosk), a copyright holder information field (CHI) 623, a right management field (RMF) 
624, and a content encryption key 625. The file body 630 contains a symmetric key encryption of 
content by utilizing a secret key (ENC(k, Content)). 

[• Indication of Source Originator ISP, LCM (CD-ripping, Audio input), PD (Analog 
input), Kiosk, ...] 

[• Device IDentifier -> LCM_ID, PD_ID, PM_ID] 
[• Algorithm Information Field 
/ Authentication secret sharing algorithm identifier EC (Elliptic Curve)-Signature, EC-DH, ... 
/ Encryption algorithm identifier -> SNAKE, ... 
/ Codec algorithm identifier -> MP3, AAC, ... 
/ Encryption key information of content] 
[• Right Management Field] 
[• Right Management Field] 

Right management field 624 contains the Copy (e.g., Copy-Never/Copy-Free/No-More-Copy 
mode), Check-In/Out mode, Transfer mode (i.e., transferable or not) and Playback Control Status 
(e.g., allowable number of times to be played (unlimited or n-times), expiration date, and amnesty 
period), which are to be encrypted by secret key of the device. 

[/ Copy-Never/Copy-Free/No-More-Copy mode 
/ Check-In/Out mode 
/ Transfer mode (Transferable or not) 
/ Playback Control information 
- Allowable number of times to be played (unlimited or n-times) 
- Expiration date 
- Amnesty period] 
[• Copyright holder information 
• Content description field Title, Composer, Artist, Record-label, ...] 
[Here is illustrated an exemplified file format.] 
[We divided the above file format into the following three parts and we call them as in the 
following: 

• Plain-Header (PH) --{Title-ID, CDF, AIF} 

• Secret Header (SH) {Device-ID, SOI, CHI, RMF, Content Encryption Key} 

• File Body (FB) - {The Encrypted Content by using the content encryption key in SH} .] 



16. Please amend page 16 of the original specification, as follows. 

[8. SECURE CONTENTS TRANSACTION RULE OVER ISP-LCM-PD-PM] 
[8.1. Contents Transaction from ISP to LCM] 

The rules to transfer contents securely over ISP-LCM-PD-PM are as follows. 

When the [an] ISP receives a content downloading request from [a] the LCM, it confirms the 
LCM's ID and then downloads the content with the file format of [section 7] FIG. 6 to the LCM. For 
the LCM to play the reached content, it follows the [below] following steps in this order[:]. 

[- Finding] First, the LCM finds out the encryption algorithm from the field AIF 613 in PH 
610. 

[- Using] Second, the fields in the secret header 620 are recovered by using the found out 
encryption algorithm and LCM's [secrete] secret key (private key) to recover the fields in SH. 

[- Comparing the Device-ID field with its ID] Third, the Device-ID field 621 is compared 
with the ID of the LCM to check if there is correspondence between the two. 

[- From the RMF information confirming the Copy Control Status, Playback Control Status, 
and Transfer Control Status to register it to its RMS-DB] In the case of correspondence, the copy 
control status from the RMF data, the playback control status, and the transfer control status are 
identified to register them in the database (RMS-DB) which the LCM 140 has. 

[- Recovering the content encryption key from CEK to recover the real content from FB] 
After the above process is performed, the digital content encryption key is extracted by using a CEK 
field, and the encoded digital content is interpreted by using the encryption key. 

[-] If any of the above lists [does not violate] is not violated, [playing] the music can be 
played. 

If it is needed to modify the RMF [field] 624, especially the Playback Control Status (PCS), 
the LCM 140 has to [replace] update the data both in the file and in the RMS-DB following the 
controlling direction. 

In the case of changing the RMF 624 of the file formats, in particular the playback control 
status, the LCM 140 replaces the playback control state data in two places of the database (RMS-DB) 
and the file format with desired data. 

[8.2. Contents Transaction from LCM to PD] 

The procedure for [a] the LCM 140 to download [a] the content to its [PD follows the below] 
portable device 150 includes the following steps: 

[-] First, the LCM 140 requests the PD-ID and UTD [data ]to the [PD] portable device 150. 

[-] Second, the portable [PD] device 150 sends the ENC(CK_PD-LCM, UTD || PD-ID) to the 
LCM 140. 

[-] Third, the LCM 140 recovers the PD-ID and confirms it. 

[-] Fourth, the LCM 140 recovers the UTD and [SH part] the fields in the secret header 620 
and compares them with those in its RMS-DB.[ - ] If UTD is correct and if any alteration of 
RMF is needed, the LCM updates the contents of RMF both in RMS-DB and in the file format. 

[-] Fifth, the LCM 140 updates UTD of RMS-DB [by] with a newly generated [UTD*] UTD, 
and ENC(CK_PD-LCM, UTD*) is to be sent to the PD. 

[-] Sixth, where the Transfer Control Status field has the three types, "Transfer", 
"Transferred", and "Transfer-non", and [If] the Transfer Control Status indicates [as] "Transfer", 
[then replace it by] "Transfer" is replaced with "Transferred" [to] in the Transfer Control Status field 
in RMS-DB, but not in the file format. Where the Transfer Control Status field has the three types, 
"Transfer", "Transferred", and "Transfer-non". 

[-] Seventh, if the Copy Control Status (CCS) indicates "Check-in", [then replace it] it is 
replaced by "Check-out" [to] in the Copy Control Status field both in RMS-DB and in the file 
format. 

[-] Eighth, if the Copy Control Status (CCS) indicates "Copy-Never", the content 
downloading to [a PD] the portable device is denied. 

[-] If any of the above lists [does] is not [violate] violated,[ downloading] the content is 
downloaded to the PD. 
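
The download rules of section 8.2 as an added example, not code from the specification. Assumptions: class and field names are hypothetical, messages are shown after decryption under CK_PD-LCM, the secret-header comparison of the fourth step is reduced to the CCS field, and every denial check runs before any state change so that a refused download leaves RMS-DB, the file and the UTD untouched.

```python
import hmac
import secrets
from dataclasses import dataclass

class DownloadDenied(Exception):
    """Raised when one of the section 8.2 checks fails."""

@dataclass
class RmsRecord:          # one title's rights entry in RMS-DB
    ccs: str              # Copy Control Status
    transfer: str         # Transfer Control Status

@dataclass
class ContentFile:        # the RMF fields carried in the file's secret header
    title_id: str
    ccs: str
    transfer: str

class LCM:
    def __init__(self):
        self.utd = {}     # PD-ID -> UTD currently expected from that PD
        self.rms_db = {}  # Title-ID -> RmsRecord

    def register_pd(self, pd_id: str) -> str:
        self.utd[pd_id] = secrets.token_hex(16)
        return self.utd[pd_id]

    def register_content(self, f: ContentFile) -> None:
        self.rms_db[f.title_id] = RmsRecord(f.ccs, f.transfer)

    def download_to_pd(self, f: ContentFile, pd_id: str, pd_utd: str) -> str:
        # Third step: confirm the PD-ID.
        if pd_id not in self.utd:
            raise DownloadDenied("unknown PD-ID")
        # Fourth step: the UTD and the header fields must match RMS-DB.
        if not hmac.compare_digest(pd_utd, self.utd[pd_id]):
            raise DownloadDenied("UTD does not match RMS-DB")
        rec = self.rms_db[f.title_id]
        if f.ccs != rec.ccs:
            raise DownloadDenied("file CCS differs from RMS-DB")
        # Eighth step, checked here so a denial changes nothing.
        if rec.ccs == "Copy-Never":
            raise DownloadDenied("Copy-Never content")
        # Fifth step: rotate the UTD; the new value goes back to the PD.
        new_utd = secrets.token_hex(16)
        self.utd[pd_id] = new_utd
        # Sixth step: RMS-DB only, the file keeps "Transfer".
        if rec.transfer == "Transfer":
            rec.transfer = "Transferred"
        # Seventh step: both RMS-DB and the file.
        if rec.ccs == "Check-in":
            rec.ccs = f.ccs = "Check-out"
        return new_utd

def _attempt(lcm, f, pd_id, utd):
    try:
        lcm.download_to_pd(f, pd_id, utd)
        return "allowed"
    except DownloadDenied as exc:
        return str(exc)

def run_scenarios():
    # All identifiers below are constructed sample values.
    lcm = LCM()
    first_utd = lcm.register_pd("PD-0001")
    song = ContentFile("title-1", "Check-in", "Transfer")
    saved_copy = ContentFile("title-1", "Check-in", "Transfer")  # made before download
    locked = ContentFile("title-2", "Copy-Never", "Transfer-non")
    lcm.register_content(song)
    lcm.register_content(locked)

    results = {}
    current_utd = lcm.download_to_pd(song, "PD-0001", first_utd)
    rec = lcm.rms_db["title-1"]
    results["after_first"] = (song.ccs, rec.ccs, song.transfer, rec.transfer)
    results["stale_utd"] = _attempt(lcm, song, "PD-0001", first_utd)
    results["restored_file"] = _attempt(lcm, saved_copy, "PD-0001", current_utd)
    results["copy_never"] = _attempt(lcm, locked, "PD-0001", current_utd)
    results["unknown_pd"] = _attempt(lcm, song, "PD-9999", current_utd)
    results["utd_unchanged"] = lcm.utd["PD-0001"] == current_utd
    return results

if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(name, value)
```

The `restored_file` case shows why the CCS is written to both the file and RMS-DB: a copy of the file saved before check-out no longer agrees with the database and is refused.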

[8.3. Contents Transaction from PD to PM] 

Hereinafter the process of the digital contents between the portable device 150 and the 
portable recording medium 160 as a content storage medium for preventing an illegal copy in 
downloading the digital content, which the portable device has, to the portable medium 160 is 
explained. 

[• For the case that a unique ID of each PM exists:] 

Firstly, if there is its owned ID in the portable medium 160, the portable device 150 records 
the digital contents which are encrypted by using the ID. 

[For a PM to write a content on a PM, it just writes the content on the PM and it recovers the 
Secret Header (SH) and re-encrypts it by using the unique ID of the PM as an encryption key.] 
[• For the case that a unique ID of each PM does not exist:] 

[For a PD to write a content on a PM, it just writes the content on the PM and it recovers the 
Secret Header (SH) and re-encrypts it by using a] Secondly, if there is its owned ID in the portable 
medium 160, the portable device 140 records the digital contents which are encrypted by using 
randomly generated key.[ Where the] The randomly generated key[, say] T[,] is encrypted by using 
a [common secrete] key, S, of the general secret key[, S (this] which is [a preset value] 
predetermined by the manufacturer 120 of the [PD), and] portable device 150. 

The encrypted T is [also written] recorded on [a] the hidden area of the PM. 

[8.4. Portability of PM] 



17. Please delete Figure 9-1 on page 17 and amend page 17 of the original specification, 
as follows. 

[For the first case of the section 8.3] Where there is its own ID in the portable medium 160 , 
all contents within the [PM] portable medium can be played by all [Pds] the portable devices , but, 
[for the second case] where there is not its own ID , all contents within the [PM] portable medium 
160 can be played only by the [Pds] portable devices produced by the manufacturers which adopted 
this system. [Any way] Anyway it is certain that this system can [supports] support the portability 
of contents via [Pms] the portable media . 

[8.5. Transferability of a Content ] 

As previously we defined[ in section 3], the "Transferability" is a different concept from the 
"Portability" of a content. The main difference is that the content with "Transferability" can be not 
only played in any [Pds] portable devices but also uploaded to any LCMs, but not in the case of 
"Portability". Since [our] the present system has and manages the Transfer Control Status field both 
in the RMS-DB and in the file format, [our] the present system can support the transferability of [a] 
the content. If there is marked "Transfer" in the field of a content and if the content is just 
downloaded to [PD] the portable device, then the LCM downloads it to the [PD] portable device and 
replaces "Transfer" by "Transferred" in the relevant field of RMS-DB. Then the content, which has 
been downloaded to [a PD] the portable device, can no longer be played in the LCM until it is 
uploaded to the LCM again, but the downloaded content in [a PM] the portable medium 160 can be 
played by any [Pds] portable device and can be uploaded to another LCM via [a PD] the portable 
device. 

[Note:] If the Copy Control Status (CCS) of a content contained in a [PM] portable medium 
indicates "Copy-Free", the content can be uploaded to any LCMs. 

[9. OUTSOURCE INPUT] 

As shown in [Fig 9-1] Fig. 7, various inputs such as originated from RedBook CD, Audio 
CD, Super Audio CD, DVD Disk, and analog Device are allowable to LCM optionally. An analog 
input to PD is also allowable. The secure import control for those several inputs to LCM or to PD 
is presented [in the next subsections] hereinbelow . 

[9.1. Basic Architecture for a Secure Import Control] 

The audio signal inputted through the input devices is inputted to the LCM 140, and encoded 
according to a system supported in the present invention, and then transmitted to the portable device 
150, or transmitted to the portable medium 160 to be reproduced through the portable device 150. 

The kiosk 170 generates a registration request signal for selling an encoded digital content 
by the internet service provider 130 through the LCM 140. Therefore, the internet service provider 
130 provides to the kiosk 170 the portable medium 160 having digital contents encoded by the 
system supported in the present invention according to the registration request signal, and the kiosk 
receives fees from users and transmits the digital contents stored in the portable medium 160. Kiosk 
170 is a store or vending machine selling a recording medium or digital content which is reproduced 
in this system. Machine on Kiosk is regarded as a personal computer having an interface of the 
digital content portable medium 160. The recording medium interface can be used by anyone having 
a supply agreement with an intellectual property right owner or the digital internet service provider. 

FIG. 8 is a view for showing an output source of Fig. 7 capable of being additionally 
connected to the embodiment of the present invention. 

As shown in [the] Fig. 8 [9.1-1], the host device, in which the LCM module exists, has at 
least the following three layers (two of these exist in the LCM module). 



18. Please delete Figure 9.1-1 on page 18 and amend page 18 of the original 
specification, as follows. 
[• Authenticated Input API] 

[This API] Authenticated Input API 810 has the roles [that confirms] of confirming the 
validity of the input and [extracts] extracting some required information to convert the input into a 
SDMI Compliant format. 

[• Validity Check ] 

[- If] With respect to the role of confirming the validity of the input, if the input data [has] 
have a watermark, then this API should be able to detect it. 

[-] If the input data [takes] take an encrypted (or scrambled) form, then this API should be 
able to extract its encryption key and the encryption (or scrambling) algorithm. 

[-] If the input data [does] do not take any protected form, then the API should confirm the 
validity of written format of the media containing the input data. 

The API checks if an input device and data inputted from the input device are suitable for the 
system and transmits the following data to the import control layer 820. 

[• Required] The required data for the API to pass over to the Import Control Layer[.] are 
as follows: [- Information] Information of the media (source) type [->] (e.g., Audio CD, DVD 
Audio,[...][-] Information of the originator of the input content, [-] Information of the content [->] 
(e.g., Title, if any, Player, Artist),[...] [-] Information of the encryption algorithm if any, [-] 
Information of the encryption key if any. 

[•][ PD Import Control] 

[This] The Import Control Layer 820 gets a bundle of information from the Authenticated 
Input API and reconstructs the input content to meet a SDMI Compliant file format by following the 
rules listed below: 



19. Please amend page 19 of the original specification, as follows. 

[•] Copy Control Status [-> mark] is marked as "Copy-Never" or "Check-in/Check-out" 
(optionally). 

[•] Playback Control Status [-> mark] is marked as "Times to playback = infinite or N" 
(N: optional), 

[•] Transfer Control Status [-> mark] is marked as "Transfer-Non". 
[•] Mark the "LCM-ID" into the SOI field and Device-ID field of SH (Secret Header) 
[•] If the input content is not encrypted, [then generate] a random key is generated and 
[encrypt it] encrypts the input content by the random key. 

[•] If the input content takes an encrypted form by other encryption algorithm different from 
the PD's, then this layer trans-encrypts the content to be played in the PD. 

[• Public-Key-Encrypt such made] The secret header part is encrypted by LCM's public key. 

[• PD Interface] 

[This] PD Interface layer 830 authenticates the connected [PD] portable device 150 by 
checking whether the [PD] portable device 150 has its correct ID and the secret channel key, 
CK_PD-LCM. [Where the] The Kerberos Authentication Protocol may be used (refer to: A.J. Menezes, P.C. 
Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography, pp. 401-403, CRC Press, 1996). 

[9.2. Analog Input to PD ] 

The Import Control Layer (ICL) 860 within the [PDFM] portable device 150 makes a SDMI 
Compliant compressed digital content from the analog input by following the rules listed below: 

[•] Upon reception of each frame of the analog input, the ICL [does encoding] encodes the 
frame and[ does encrypting it] by a randomly generated key. If all the frames [has] have been 
encrypted[ follow], the next steps are followed. 

[•] Copy Control Status [-> mark] is marked as "Copy-Never" or "Check-in/Check-out" 
(optionally) 

[•] Playback Control Status [-> mark] is marked as "Times to playback = infinite or N" (N: 
optional), 

[•] Transfer Control Status [-> mark] is marked as "Transfer-Non". 
[• Mark the "PD-ID"] The "PD-ID" is marked into the SOI field and Device-ID field of SH 
(Secret Header). 

[•] The portable [Encrypt such made] device encrypts the secret header part by [PD's] channel 
key. 

[Note:] If [such] the converted SDMI Compliant content from the analog input has its SOI 
field 622 of [SH (]the Secret Header[)] with marked "PD-ID", then the procedure of writing the 
content on a [PM] portable medium (PM) does not use the unique ID of the PM. 
[->] This means that such content as made from an analog input to a [PD] portable device is 
not allowed to have the "Portability". 

[9.3 Kiosk] 

[An example for the "Kiosk" may be a shop or a machine that makes a bundle of SDMI 
Compliant contents into PMs from CD-Ripping, etc. and sells them. Here we regard such Kiosk-like 
machine as a special LCM with PM-Interface that has a special contraction with some ISPs and 
groups of copyright holders. Hence, to make a SDMI Compliant PMs from other physical media, 
the Kiosk-like machine follows the same routines as described in section 9.1 and 8.3.] 

[10. CONCLUSION] 

[In this article we proposed a secure copy protection mechanism for the Internet based MOD 
Services. One of our proprietary modules is relevant to the use of and management of MKIT table 
appeared in the PD registration procedure. Another one is relevant to the construction of secure 
Check-in/Check-out system which securely maintains the contents downloading/uploading between 
LCM and PD.] 

20. Please delete the entirety on page 20 of the original specification. 

21. Please amend page 21 of the original specification, as follows. 
Hereinafter, the copy protection scheme for portable media is described. 
[SAMSUNG Copy Protection Scheme for Portable Media] 
[1. Unique ID, ID (Optional feature)] 

[•] PM may optionally support unique ID for [1st] first Generation PM. [•] If [Unique] the
unique ID is not supported, [Physical] the physical address of a bad sector of [PM] the portable
medium is used instead. [•] If unique ID is supported, it should be one-time writeable during the
manufacturing stage only, and readable only by [PD] the portable device with a special command.

[2. Channel key, CK]

[• CK] Channel key (CK) is a shared key between LCM and PD. [•] To support portability, CK is
not considered as input to function f(). [•] If CK is included, it provides additional security to the
content stored in PM. CK may take various forms depending on the application usage and right
management rules.

[3. Physical Address of Bad Sector of Portable Media,] With respect to a physical address
of bad sector of a portable media, P, [• The] the usage of P prevents the playback of illegally
copied content from PM to PM by simple "dead-copy".

Referring to [4. Spared Area] a spared area, [• A] a special command known only to the
manufacturer needs to be known to access this area.

The copy protection system for the portable media is shown in FIG. 9. 

First, the portable device 150 and the LCM 140 share a channel key to form a secure channel
between them.

The portable device 150 receives as inputs and function processes a physical address of a bad
sector of the portable medium 160, a random number, and a secret channel key which is transmitted
from the LCM 140 and stored in the LCM 140. With the processed value, the portable device 150
encrypts a header of the digital contents and transmits it to the portable medium 160. A hash function
or one-way function can be used for the function process. At this time, what generates the key for
encryption is the function process means 149.

Function process means 149 receives as an input the physical address of the bad sector 
transmitted from the portable medium 160 and receives as an input the random number through the 
random number generating means (RNG) 159. The random number is also transmitted and stored 
in a spare area of the portable medium 160. 

The portable medium 160 transmits the physical address of the bad sector, stores a random
number generated in the portable device 150 as an input in the spare area, and stores as sector data
the encrypted header information encrypted by the processed value and the encrypted digital content
inputted through the portable device 150.

It is optional to encrypt the header of the digital content by function processing after receiving 
all of the commonly owned key, random number, and the physical address of the bad sector or one 
of the commonly owned key, random number, and the physical address of the bad sector. 

The digital content can be downloaded to the portable medium 160 through the portable
device 150 or directly from the LCM 140.

Even if the portable medium is copied to another portable medium, the digital content in the
portable medium cannot be reproduced from the portable medium. Therefore, this invention provides
the effect of basically preventing illegal copying.
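The binding described above can be sketched in code. This is an added illustration, not code from the specification: HMAC-SHA-256 stands in for the unspecified function f(), a SHA-256 keystream with an HMAC tag stands in for the unspecified header cipher, and all class and function names are hypothetical. It shows why a sector-for-sector copy onto a second medium, whose bad sector sits at a different physical address, no longer yields a readable header.

```python
import hashlib
import hmac
import os


def derive_header_key(bad_sector_addr: int, random_number: bytes,
                      channel_key: bytes) -> bytes:
    """f(P, RN, CK): one-way function over the bad-sector address P, the
    random number kept in the spare area, and the LCM/PD channel key.
    HMAC-SHA-256 is an assumption; the text only requires a hash or
    one-way function."""
    msg = bad_sector_addr.to_bytes(8, "big") + random_number
    return hmac.new(channel_key, msg, hashlib.sha256).digest()


def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate keys for encryption and integrity.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt_header(key: bytes, header: bytes) -> bytes:
    """Stand-in authenticated cipher (illustrative, standard library only)."""
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(header))
    ct = bytes(a ^ b for a, b in zip(header, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_header(key: bytes, blob: bytes):
    """Return the header, or None when the derived key does not match."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))


class PortableMedium:
    """Hypothetical model of medium 160."""

    def __init__(self, bad_sector_addr: int):
        self.bad_sector_addr = bad_sector_addr  # physical property, fixed at manufacture
        self.spare_area = b""                   # holds the random number
        self.sector_data = b""                  # holds the encrypted header


def write_content(pm: PortableMedium, channel_key: bytes, header: bytes) -> None:
    """Portable device side: generate RN, store it, encrypt the header."""
    rn = os.urandom(16)
    pm.spare_area = rn
    key = derive_header_key(pm.bad_sector_addr, rn, channel_key)
    pm.sector_data = encrypt_header(key, header)


def read_header(pm: PortableMedium, channel_key: bytes):
    """Playback side: re-derive the key from the medium actually inserted."""
    key = derive_header_key(pm.bad_sector_addr, pm.spare_area, channel_key)
    return decrypt_header(key, pm.sector_data)


def dead_copy(src: PortableMedium, dst: PortableMedium) -> None:
    """Copy everything that is stored as data, spare area included.
    The destination's bad-sector address cannot be copied."""
    dst.spare_area = src.spare_area
    dst.sector_data = src.sector_data


if __name__ == "__main__":
    ck = os.urandom(32)                  # constructed channel key
    original = PortableMedium(0x1A2B3C)  # constructed addresses
    clone = PortableMedium(0x4D5E6F)
    write_content(original, ck, b"title=demo;playback=N")
    dead_copy(original, clone)
    print(read_header(original, ck), read_header(clone, ck))
```

The sketch feeds all three inputs to f(); the specification also allows omitting the channel key so that the medium stays playable on other registered devices.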

As stated above, the preferred embodiments of the present invention are shown and 
described. Although the preferred embodiments of the present invention have been described, it is 
understood that the present invention should not be limited to these preferred embodiments but 
various changes and modifications can be made by one skilled in the art within the spirit and scope 
of the present invention as hereinafter claimed. 

22. Please delete pages 22 to 45 of the original specification (i.e., pages 1 to 22 of the 
English translation thereof). 

IN THE ABSTRACT

Please enter the following amendments based on the pages 29 to 30 in the English translation 
corresponding to the Abstract (pages 53 to 54) of the original specification: 

Abstract of the Disclosure 

[In order to prevent an illegal copy of an encoded digital content downloaded by users for 
reproduction, all systems] 

Systems connected to [the] users generate a plurality of keys which are mutually shared, and
download and upload [the] digital [content] contents by using secret channels formed between [units
performing mutual communication.

A unit for supplying the digital content] the systems. An information provider receives an
authorization [of legally supplying the digital content] from [an authorization recognition unit] a
certificate authority. [The first content output unit] A licensed SDMI compliant module (LCM) is
authenticated [form] through the [digital content supplying unit. At this time, the digital content 
supplying unit and the first content output unit form a sharing key to form a channel between the 
two. The second content output unit] information provider, and the information provider and the 
LCM form a channel. A portable device is authenticated from the [digital content supply unit
through the first content output unit, the first content output unit and the second content output unit
form a channel to the channel key] information provider through the LCM, and the LCM and the
portable device form a channel. The digital content between the [first content output unit] LCM and
the [second output unit] portable device is downloaded and uploaded according to respective control
state data of the [first content output unit and the second output unit. Accordingly, the digital content 
transmitted between the digital content supply unit, the first content output unit, and the second 
content output unit can be prevented from an illegal copy. A system having a portable recordable 
medium for preventing an illegal copy of digital contents, and more particularly to a system having 
a portable recordable medium by using a physical address of bad sector formed the portable 
recordable medium during manufacturing process of the portable recordable medium and by 
encrypting a header of the encrypted digital contents stored in the portable recordable medium and 
recording the encrypted header on] LCM and the portable device. The system can use a physical 
address of [bad sector of the portable recordable medium. The physical address of bad sector is 
formed on the portable recordable] a bad sector formed in the portable medium during the
manufacturing process [of the portable recordable medium. This is] for preventing an illegal copy 
of the downloaded digital contents through [a terminal] the portable device after the digital contents 
[has] have been downloaded. 

[An illegal copy protecting system having a portable terminal transmitting the encrypted 
digital content which is received from digital content supply unit to a digital content storage medium. 
In another preferred embodiment, the digital content transmitted from LCM ca be stored directly in 
the digital content storage medium. The system includes a portable terminal processing the random 
number stored in spare area of the digital content storage medium such as physical address of the 
bad sector of the digital content storage medium and transmitting the encrypted header of the digital 
content by using the processed value of the random number, and a digital content storage medium 
reading and transmitting the physical address by using the portable terminal and storing the number
as a key value randomly generated by the portable terminal, and storing the encrypted header 
information encrypted by the resultant value and the encrypted digital content as sector data] 

IN THE CLAIMS

Please cancel claims 4 and 8 without prejudice or disclaimer of their (its) subject matter, 
amend claims 1-3, 5-7, and 9-17 based on the pages 23 to 28 in the English translation corresponding
to the claim section, pages 46 to 52, of the original specification, and add new claims 18 to 40 (as
shown in "Clean Version of Amendments" section), as follows: 

1. (Amended) A system for preventing an illegal copy of digital content, said system 
receiving and decrypting encrypted digital content and reproducing [a] the digital content, 
comprising: 

[authorization recognition means] a certificate authority for generating [a] manufacturer key 
[and a manufacturer key data] information and generating [a] first [authentication qualification key 
and a first authentication qualification key data] key information for giving an authorization to 
supply said encrypted digital content;

a portable terminal supplier supplying [means] a portable terminal, said portable terminal
supplier outputting a first registration request signal to said [authorization recognition means]
certificate authority and receiving the manufacturer key [and a manufacturer key data] information
generated by [authorization recognition means] said certificate authority in accordance with the first
registration request signal, said portable terminal supplier imbedding the manufacturer key
information in said portable terminal;

a content [supply means for] supplier transmitting [the] a second registration request signal
to the [authorization recognition means, storing a first authentication qualification key and the first
authentication qualification key data inputted from the authorization recognition means, and
generating a second authentication qualification key and a second authentication qualification key
data; and] certificate authority, said certificate authority and said content supplier sharing a first
secret channel, said content supplier receiving and storing said first key information from the
certificate authority through said first secret channel for supplying said encrypted digital content, said
content supplier generating and outputting second key information for giving an authorization to
receive and reproduce said encrypted digital content;

[PC for] a personal computer outputting a [the] third registration request signal to the content 
[supply means, and storing the second authentication qualification key and the second authentication 
qualification key data] supplier for obtaining said second key information, said personal computer 
having public key information of said certificate authority, said personal computer and said content 
supplier sharing a second secret channel, said personal computer verifying said first key information
inputted from the content [supply means.] supplier by using said public key information of said
certificate authority and receiving the second key information through said second secret channel,
said personal computer receiving said encrypted digital content through said second secret channel;
and 

said portable terminal manufactured by said portable terminal supplier for reproducing said 
digital content, said portable terminal transferring the imbedded manufacturer key information to 
said content supplier through said personal computer to be verified by said content supplier, said 
portable terminal and said personal computer sharing a third secret channel for transferring said 
encrypted digital content between said portable terminal and said personal computer. 

2. (Amended) The system as claimed in claim 1, wherein the [authorization recognition
means forms] certificate authority generates a first channel key [capable of sharing] shared with the
content [supply means in response to a first registration request signal inputted from the content
supply means, and outputs an encoded first authentication qualification key and an encoded first
authentication qualification key data to the content supply means via a secret channel formed the]
supplier to form said first secret channel, the first key information is encoded by said first channel
key and then transferred to said content supplier, and said content supplier decodes the encoded first
key information by said first channel key.

3. (Amended) The system as claimed in claim 1, wherein the content [supply means forms] 
supplier generates a second channel key [capable of sharing] shared with the [first content output 
means in response to the second registration request signal inputted from the first content output 
means, and outputs an second authentication qualification key and an encoded authentication 
qualification key data to the first content output means through a secret channel formed by the] 
personal computer to form said second secret channel, and the second key information is encoded
by said second channel key, and then transferred to said personal computer.

5. (Amended) A system for preventing an illegal copy of digital [contents] content,
comprising: 

[authorization recognition means] a certificate authority for generating manufacturer key 
information comprising a manufacturer key and a manufacturer key data in response to a first
registration request signal inputted from an external source, generating first key information for
giving an authorization to supply said digital content, said certificate authority generating a token 
to make an information table, said information table comprising a first table containing the 
manufacturer key data, the manufacturer key, and an identifier corresponding to the manufacturer 
key, and a second table containing [an] said identifier [corresponding to the manufacturer key data 
and the manufacturer key data from encryption of the manufacturer key by using a token, and a token 
by using the manufacturer key and the manufacturer key data, and generating a first authentication 
qualification key and a first authentication qualification key data in response to the second 
registration request signal inputted from external], token information encrypted by said manufacturer
key, and said token;

[the first table generated form the authorization recognition means contains the manufacturer 
key data, the manufacturer key, and an identifier corresponding to the manufacturer key, and is stored 
only in the authorization recognition means] 

[record/reproduction apparatus supply means for outputting the first registration request 
signal to the authorization recognition means, and storing the manufacturer key and the manufacturer 
key data inputted from the authorization means;] 

a content [supply means] supplier transmitting [for outputting the] a second registration 
request signal to the [authorization recognition means, storing the first authentication qualification 
key, the first authentication qualification key data, and the second table, and] certificate authority for 
supplying said digital content, said certificate authority and said content supplier sharing a first secret 
channel, said content supplier receiving and storing said first key information and said second table
from the certificate authority through said first secret channel, said content supplier generating [a] 
second key information [authentication qualification key and a second authentication qualification 
key data in response to a third registration request signal inputted from external]; 

first content output means for outputting the digital content, said first content output means
sending a third registration request signal to the content [supply means, storing the second
authentication qualification key and the second authentication qualification key data] supplier for
downloading said digital content from said content supplier, said first content output means having
public key information of said certificate authority, said first content output means and said content
supplier sharing a second secret channel, said first content output means verifying said first key
information inputted from the content [supply means, outputting] supplier by using said public key
information of said certificate authority and receiving the second key information through said
second secret channel, said first content output means extracting the manufacturer key [data inputted]
information from said second table [external to the content supply means], and encoding and 
outputting the manufacturer key information [detected rom the second table in response to the 
manufacturer key data]; and 

said second content output means for recording and reproducing said digital content, said 
second content output means storing the manufacturer key information, [and the manufacturer key 
data inputted from the authorization recognition means, outputting the manufacturer key data to the 
content supply means through the first content output means, and comparing the manufacturer key 
with the] said second output means transferring said manufacturer key [if the second table inputted
from the first content output means in order to judge if the stored] information to said content
supplier through said first content output means to be verified by said content supplier, said second
content output means receiving said manufacturer key information of said second table from said
first content output means to decide if the manufacturer key is authenticated[.], said second content
output means and said first content output means sharing a third secret channel for transferring said 
digital content between said second content output means and said first content output means. 

6. (Amended) The system claimed in claim 5, wherein a content storage means is further 
included [a storage medium which is mounted to the first content output means or the second content 
output means and which receive and stores data downloaded from one of the first and second content 
supply means] in at least one of said second content output means and said first content output 
means, and said content storage means stores said digital content.

7. (Amended) The system claimed in claim 5, wherein the [authorization recognition means 
forms] certificate authority generates a first channel key [capable of sharing] shared with the content 
[supply means in response to a first registration request signal inputted from the content supply 
means, and outputs an encoded first authentication qualification key and an encoded first 
authentication qualification key data to the content supply means via a secret channel formed the] 
supplier to form said first secret channel, the first key information is encoded by said first channel 
key and then transferred to said content supplier, and said content supplier decodes the encoded first 
key information by said first channel key. 

9. (Amended) The system claimed in claim 5, wherein the [first] content supplier [output
means interprets and stores the] generates a second [authentication qualification] channel key shared
with the first content output means to form said second secret channel, and the second
[authentication qualification] key [data] information is encoded by [inputted from the content supply
means through the secret channel by using] the second channel key, and then transferred to said first
content output means.

10. (Amended) The system claimed in claim 5, wherein the token is randomly generated by
the [authorization recognition means] certificate authority.

11. (Amended) The system claimed in claim [6] 7, wherein the first content output means
[forms] generates a third channel key [capable of being] shared with the second content output
means [mounted,] to form said third secret channel, and the first content output means encodes the
third channel key with [a] said token inputted from the content [supply means] supplier and transmits
the third channel key to the second content output means.

12. (Amended) The system claimed in claim [5 or 11, the second content output means
extracts a token from encoded manufacturer data from the first content output means] 11, the second
content output means decodes the encoded token transmitted from the first content output means by
using the stored manufacturer key [in advance], [interprets] decodes and stores the third channel key
by using [the token to form a secret channel with the first content output means] said token.

13. (Amended) The system claimed in claim 11, further comprised of: [for preventing an
illegal copy of digital contents, comprising:]

[content supply means for supplying an encoded digital content;] 

said first content output means including a database which has [a] reproduction data of the 
digital content downloaded from the content [supply means] supplier, said first content output means
encoding the database by using the third channel key for storage, interpreting the reproduction data 
of the digital content [inputted from external] by using the third channel key [to be compared with 
a reproduction data of the database,] to thereby judge if an illegal copy of the digital content is 
performed; and 

said second content output means [for] receiving said reproduction data from said first 
content output means, updating the reproduction data [of the digital content stored in advance by 
interpreting the reproduction data of the digital content inputted from the first content output means 
by using the third channel key] whenever any content downloading or uploading session between 
said first content output means and said second content output means occurs, and transmitting the
updated reproduction data of the digital content to the first content output means. 

14. (Amended) The system claimed in claim 13, wherein the database is separated with an 
identifier data area of the digital content, an updated token data area, [an] a data area for a present 
state of the digital content, and a reproduction control data area, and has the corresponding data. 

15. (Amended) The system claimed in claim 14, wherein the data area for the present state
of the digital content comprises:

first data indicating that the digital content is downloaded in a copy form from the first
content output means to the second content output means;

second data indicating that the digital content is downloaded in a transmission form from the
first content output means to the second content output means; and

third data indicating that the digital content is downloaded and uploaded between the first
content output means and the second content output means.

16. (Amended) The system claimed in claim 14, wherein the reproduction control data area
of the digital content includes:

fourth data for reproduction times of the digital content;

fifth data for a reproduction expiration period of the digital content; and

sixth data for an amnesty period of the digital content.

17. (Amended) A system for protecting an illegal copy, comprising: [a portable terminal
function processing a secret key transmitted from LCM, random number, and a]

a terminal receiving a physical address of a bad sector [and outputting an encrypted a header
of a] of a storage medium, said terminal generating a random number and storing said random
number in a spare area of said storage medium, said terminal having a secret channel key, said
terminal function-processing said physical address, said random number and said secret channel key
to obtain a processed value, said terminal encrypting a header of the digital content by [using an
output of function processing] the processed value; and [a]

said [portable] storage medium transmitting said physical address of [a] the bad sector,
storing said random number as a key value generated from said [portable] terminal, storing as a
sector data [in said portable storage an] the encrypted digital content and [an encrypted] the header
of the digital content [information] encrypted by using the [result of function processing] processed
value.






